Systems and methods of a doorbell device initiating a state change of an access control device and/or a control panel responsive to two-factor authentication

ABSTRACT

Systems and methods of a doorbell device initiating a state change of an access control device and/or a control panel responsive to two-factor authentication are provided. Such systems and methods can include the doorbell device receiving first access credentials from a first device, determining whether the first access credentials are valid, and determining whether the first device has been authenticated with two factors by determining whether an indication of two-factor authentication of the first device has been received from the first device or by soliciting and validating second access credentials from a second device. When the first access credentials are valid and the first device has been authenticated with the two factors, the doorbell device can transmit a state change command to the access control device that controls access to a secured area associated with the doorbell device and/or the control panel that monitors the secured area.

FIELD

The present invention relates generally to security systems and accesscontrol systems. More particularly, the present invention relates tosystems and methods of a doorbell device initiating a state change of anaccess control device and/or a control panel responsive to two-factorauthentication.

BACKGROUND

Known security systems and access control systems can receive commandsand/or access credentials from a device. However, such systems do notauthenticate the device, the commands, and/or the access credentialswith two factors prior to taking some action responsive to the commandsand/or the access credentials.

In view of the above, there is a need and an opportunity for improvedsystems and methods.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is a block diagram of a system in accordance with disclosedembodiments;

FIG. 2 is a flow diagram of a method in accordance with disclosedembodiments; and

FIG. 3 is a flow diagram of a method in accordance with disclosedembodiments.

DETAILED DESCRIPTION

While this invention is susceptible of an embodiment in many differentforms, specific embodiments thereof will be described herein in detailwith the understanding that the present disclosure is to be consideredas an exemplification of the principles of the invention. It is notintended to limit the invention to the specific illustrated embodiments.

Embodiments disclosed herein can include systems and methods of adoorbell device initiating a state change of an access control deviceand/or a control panel responsive to two-factor authentication. Forexample, the doorbell device can ensure that (1) access credentialsreceived from a first device, such as a mobile device, instructing thedoorbell device to initiate the state change are valid and (2) the firstdevice is proximate to (i.e. within a predetermined distance or atransmission range of) a second device, such as a keyfob or othertwo-factor authentication device, prior to initiating the state change.Such two-factor authentication can increase the likelihood that anauthorized user in possession of both the first device and the seconddevice is requesting the state change and not another person who mayhave stolen the first device, but is not in possession of the seconddevice.

In some embodiments, the doorbell device can determine that the firstdevice is proximate to the second device via communication with only thefirst device. However, in some embodiments, the doorbell device candetermine that the first device is proximate to the second device viacommunication with both the first device and the second device. In anyembodiment, the doorbell device can include a transceiver device fortransmitting signals to and receiving signals from the first device, thesecond device, the access control device, the control panel, and/or acloud server device and a programmable processor for executing themethods disclosed herein.

Various embodiments of the first device and the second device arecontemplated. For example, in some embodiments, the first device caninclude the mobile device, such as a smart phone, a tablet, a lowpowered remote control device, or another portable programmable device,and in some embodiments, the second device can include the two-factorauthentication device, such as the keyfob, a wireless dongle, wirelessheadphones, a smart watch, a wireless location beacon, another mobiledevice, or another low powered device that can connect to and/or pairwith the first device. Alternatively, in some embodiments, the firstdevice can include the two-factor authentication device, and the seconddevice can include the mobile device.

As explained above, in some embodiments, the doorbell device candetermine that the first device is proximate to the second device viacommunication with only the first device. In these embodiments, thedoorbell device can receive first access credentials from the firstdevice, determine whether the first access credentials are valid, anddetermine whether the doorbell device receives an indication oftwo-factor authentication of the first device from the first device. Theindication of two-factor authentication can confirm to the doorbelldevice that the first device is proximate to the second device, and insome embodiments, the doorbell device can receive the first accesscredentials and/or the indication of two-factor authentication from thefirst device responsive to the first device determining that the firstdevice is proximate to the second device. That is, in some embodiments,the first device will only transmit the first access credentials and/orthe indication of two-factor authentication to the doorbell device whenthe first device determines that the first device is proximate to thesecond device.

When the first access credentials are valid and the doorbell devicereceives the indication of two-factor authentication, the doorbelldevice can transmit a state change command to the access control device,such as a lock, that controls access to a secured area associated withthe doorbell device. For example, the state change command can instructthe access control device to change a state of the access control devicefrom locked to unlocked or from unlocked to locked.

In some embodiments, the doorbell device can be located proximate to thesecured area, for example, on an exterior of the secured area.Furthermore, in some embodiments, the doorbell device can include acamera device for monitoring the exterior of the secured area and/orreceiving information, such as the first access credentials, from thefirst device. Additionally or alternatively, in some embodiments, thedoorbell device can include a user interface, such as a button, that,when activated, can cause the doorbell device to notify an owner or anoccupant of the secured area about a presence of a person proximate tothe doorbell device, for example by emitting a sound or a tone withinthe secured area or transmitting an informational signal to a portabledevice associated with the owner.

In some embodiments, the doorbell device can transmit the state changecommand to the control panel in addition to or in lieu of transmittingthe state change command to the access control device. For example, thestate change command can instruct the control panel to change a state ofthe control panel from armed to disarmed or from disarmed to armed.Additionally or alternatively, in some embodiments, the doorbell devicecan identify a particular command to transmit to the control panel basedon the state of the access control device. For example, in someembodiments, the doorbell device can identify the state of the accesscontrol device and, when the state of the access control device isunlocked, transmit an arm command to the control panel. However, whenthe state of the access control device is locked, the doorbell devicecan transmit a disarm command to the control panel.

In some embodiments, the doorbell device can receive a communicationrequest from the first device before receiving the first accesscredentials from the first device. For example, responsive to receivingthe communication request, the doorbell device can transmit anacknowledgement signal to the first device and, responsive thereto,receive the first access credentials.

Various embodiments for how the first device determines whether thefirst device is proximate to the second device are contemplated. Forexample, in some embodiments, the first device can determine that thefirst device is proximate to the second device when the second device isboth paired with the first device and connected with the first device,for example, via a Bluetooth or other wireless connection. Additionallyor alternatively, in some embodiments, the first device can determinethat the first device is proximate to the second device when first GPScoordinates of the first device are within a predetermined range ofsecond GPS coordinates of the second device. Additionally oralternatively, in some embodiments, the first device can determine thatthe first device is proximate to the second device when the first deviceand the second device are connected to a same local wireless network.Additionally or alternatively, in some embodiments, the first device candetermine that the first device is proximate to the second device bytransmitting a test command to the second device via a low poweredwireless connection and, responsive thereto, receiving a responsemessage from the second device.

Various embodiments for when the first device determines whether thefirst device is proximate to the second device are also contemplated.For example, in some embodiments, the first device can determine whetherthe first device is proximate to the second device responsive toreceiving user input instructing the first device to transmit the firstaccess credentials to the doorbell device, for example, via a userinterface device of the first device, and prior to transmitting thefirst access credentials to the doorbell device. Additionally oralternatively, in some embodiments, the first device can determinewhether the first device is proximate to the second device responsive toreceiving the acknowledgement signal from the doorbell device and priorto transmitting the first access credentials to the doorbell device.Additionally or alternatively, in some embodiments, the first device canperiodically determine whether the first device is proximate to thesecond device and, responsive thereto, adjust a display of the userinterface device of the first device or what portions of the userinterface device of the first device can be activated or selected. Forexample, when the first device determines that the first device isproximate to the second device, the first device can enable the userinterface device of the first device to receive user input instructingthe first device to transmit the first access credentials to thedoorbell device, for example, by enabling or activating the display orportions of the user interface device of the first device. However, whenthe first device fails to determine that the first device is proximateto the second device, the first device can disable the user interfacedevice of the first device from receiving user input instructing thefirst device to transmit the first access credentials to the doorbelldevice, for example, by freezing, disabling, or deactivating the displayor portions of the user interface device of the first device.

In any embodiment, when the first device is proximate to the seconddevice, the indication of two-factor authentication that the doorbelldevice receives from the first device can include or be representativeof an authentication signal that the first device receives from thesecond device or another indicator confirming that the first device isproximate to the second device. In some embodiments, the doorbell devicecan receive both the first access credentials and the indication oftwo-factor authentication in a request to change the state of the accesscontrol device, and in these embodiments, the doorbell device candetermine whether one or more dedicated bits in the request include theindication of two-factor authentication.

As explained above, in some embodiments, the doorbell device candetermine that the first device is proximate to the second device viacommunication with both the first device and the second device. In theseembodiments, the doorbell device can receive the first accesscredentials from the first device, determine whether the first accesscredentials are valid, and when the first access credentials are valid,transmit a notification signal to the second device to solicit secondaccess credentials from the second device. In some embodiments, thedoorbell device can transmit the notification signal to the seconddevice via a low powered wireless connection to ensure that the seconddevice will receive the notification signal and respond thereto onlywhen located proximate to the doorbell device. However, in anyembodiment, responsive to receiving the second access credentials fromthe second device, the doorbell device can determine whether the secondaccess credentials are valid and, when the second access credentials arevalid, transmit the state change command to the access control deviceand/or the control panel.

As explained above, the doorbell device can transmit the notificationsignal to the second device to solicit the second access credentialsfrom the second device. In some embodiments, the second device can beconfigured to automatically transmit the second access credentials tothe doorbell device responsive to receiving the notification signal.Additionally or alternatively, in some embodiments, the notificationsignal can instruct the second device to solicit user input identifyingthe second access credentials, and/or the second device can beconfigured to solicit user input identifying the second accesscredentials responsive to receiving the notification signal.Additionally or alternatively, in some embodiments, the second accesscredentials can be pre-stored on the second device, and the notificationsignal can instruct the second device to solicit user input withinstructions to transmit the second access credentials, and/or thesecond device can be configured to solicit user input with instructionsto transmit the second access credentials responsive to receiving thenotification signal. In any embodiment, responsive to receiving userinput identifying the second access credentials or user input withinstructions to transmit the second access credentials, the seconddevice can transmit the second access credentials to the doorbelldevice.

In some embodiments, when the doorbell device determines that the firstaccess credentials received from the first device are valid, but failsto receive the indication of two-factor authentication from the firstdevice or the second access credentials from the second device, thedoorbell device can initiate a security action. In some embodiments, thesecurity action can include the doorbell device transmitting a warningsignal to a mobile device that is different than the first device or thesecond device or to the control panel, either of which, under certainconditions or responsive to user input, can authorize the doorbelldevice to transmit the state change command to the access control deviceor the control panel despite a lack of two-factor authentication.Additionally or alternatively, in some embodiments, the security actioncan include the doorbell device transmitting an alarm signal to thecontrol panel or transmitting a locking signal to the first device, forexample, when the doorbell device receives the first access credentialsfrom the first device a predetermined number of times within apredetermined time period without also receiving the indication oftwo-factor authentication from the first device or the second accesscredentials from the second device within the predetermined period oftime.

FIG. 1 is a block diagram of a system 20 in accordance with disclosedembodiments. As seen in FIG. 1, the system 20 can include a first device22, a second device 24, a doorbell device 26 associated with a region R,an access control device 28 that controls access to the region R, and acontrol panel 30 that monitors the region R. In some embodiments, thesystem 20 can also include a cloud server device 32 that communicateswith the doorbell device 26 and/or the other devices in the system 20via a network N, such as the internet. As seen in FIG. 1, the doorbelldevice 26 can include a transceiver device 34 and a programmableprocessor 36, and in some embodiments, the transceiver device 34 caninclude one or more communication modules for communicating with thefirst device 22, the second device 24, the access control device 28, thecontrol panel 30 and/or the cloud server device 32 via any knownwireless or wired communication medium (e.g. Wi-Fi, cellular, Bluetooth,cable, phone line, Ethernet, fiber, etc.).

FIG. 2 is a flow diagram of a method 100 in accordance with disclosedembodiments. As seen in FIG. 2, the method 100 can include thetransceiver device 34 receiving first access credentials from the firstdevice 22, as in 102. Then, the method 100 can include the programmableprocessor 36 determining whether the first access credentials are valid,as in 104. When the first access credentials are invalid, the method 100can include taking no action, as in 106, or, in some embodiments,initiating a security action as described herein.

However, when the first access credentials are valid, the method 100 caninclude the programmable processor 36 determining whether the doorbelldevice 26 has received an indication of two-factor authentication of thefirst device 22 from the first device 22, as in 108. If not, then themethod 100 can continue determining whether the indication of two-factorauthentication has been received, as in 108. However, when theindication of two-factor authentication has been received, the method100 can include the transceiver device 34 transmitting a state changecommand to the access control device 28 and/or the control panel 30, asin 110.

FIG. 3 is a flow diagram of a method 200 in accordance with disclosedembodiments. As seen in FIG. 3, the method 200 can include thetransceiver device 34 receiving first access credentials from the firstdevice 22, as in 202. Then, the method 200 can include the programmableprocessor 36 determining whether the first access credentials are valid,as in 204. When the first access credentials are invalid, the method 200can include taking no action, as in 206, or, in some embodiments,initiating a security action as described herein.

However, when the first access credentials are valid, the method 200 caninclude the transceiver device 34 transmitting a notification signal tothe second device 24, as in 208, and responsive thereto, receivingsecond access credentials from the second device 24, as in 210. Then,the method 200 can include the programmable processor 36 determiningwhether the second access credentials are valid, as in 212. When thesecond access credentials are invalid, the method 200 can include takingno action, as in 214, or, in some embodiments, initiating the securityaction as described herein. However, when the second access credentialsare valid, the method 200 can include the transceiver device 34transmitting a state change command to the access control device 28and/or the control panel 30, as in 216.

Various embodiments for transmitting the first access credentials andthe second access credentials are contemplated. For example, in someembodiments, the first device 22 can transmit the first accesscredentials directly to doorbell device 26 and/or the second device 24can transmit the second access credentials directly to the doorbelldevice 26 via any known communication medium, including, but not limitedto Bluetooth, radio frequency ID, near field communication, WiFi, andcellular, or via a visual display of coded information, such as a QRcode or a barcode, that is captured by a camera of the doorbell device26. Additionally or alternatively, in some embodiments, the first device22 can transmit the first access credentials indirectly to doorbelldevice 26 and/or the second device 24 can transmit the second accesscredentials indirectly to the doorbell device 26 via an intermediarydevice, such as the cloud server device 32 or the control panel 30.

Various embodiments for determining whether the first access credentialsand/or the second access credentials are valid are also contemplated.For example, in some embodiments, the programmable processor 36 candetermine whether the first access credentials and/or the second accesscredentials are valid. Additionally or alternatively, in someembodiments, the doorbell device 26 can communicate with one or both ofthe control panel 30 and the cloud server device 32 to determine whetherthe first access credentials and/or the second access credentials arevalid. It is to be understood that determining whether any accesscredentials are valid as described herein can include determiningwhether those access credentials are associated with the doorbell device26, the access control device 28, the control panel 30, the region R,and/or an authorized user associated with the doorbell device 26, theaccess control device 28, the control panel 30, or the region R.

Finally, various embodiments for transmitting the state change commandto the access control device 28 and/or the control panel 30 arecontemplated. For example, in some embodiments, the doorbell device 26can transmit the state change command directly to the access controldevice 28 and/or the control panel 30. Additionally or alternatively, insome embodiments, the doorbell device 26 can transmit the state changecommand to the access control device 28 via an intermediary device, suchas the cloud server device 32 or the control panel 30, or can transmitthe state change command to the control panel 30 via an intermediarydevice, such as the cloud server device 32.

Although a few embodiments have been described in detail above, othermodifications are possible. For example, the logic flows described abovedo not require the particular order described or sequential order toachieve desirable results. Other steps may be provided, steps may beeliminated from the described flows, and other components may be addedto or removed from the described systems. Other embodiments may bewithin the scope of the invention.

From the foregoing, it will be observed that numerous variations andmodifications may be effected without departing from the spirit andscope of the invention. It is to be understood that no limitation withrespect to the specific system or method described herein is intended orshould be inferred. It is, of course, intended to cover all suchmodifications as fall within the spirit and scope of the invention.

1. A method comprising: receiving access credentials at a doorbelldevice from a mobile device; determining whether the access credentialsare valid at the doorbell device; determining whether the doorbelldevice receives an indication of a two-factor authentication of themobile device from the mobile device, wherein the indication of thetwo-factor authentication of the mobile device confirms to the doorbelldevice that the mobile device has communicated with a two-factorauthentication device to execute the two-factor authentication of themobile device without the doorbell device communicating directly withthe two-factor authentication device; and when the access credentialsare valid and the doorbell device receives the indication of thetwo-factor authentication of the mobile device from the mobile device,transmitting a state change command from the doorbell device to anaccess control device that controls access to a secured area associatedwith the doorbell device.
 2. The method of claim 1 further comprising:determining a state of the access control device; when the accesscredentials are valid, the doorbell device receives the indication ofthe two-factor authentication of the mobile device from the mobiledevice, and the state of the access control device is unlocked,transmitting an arm command from the doorbell device to a control panelthat monitors the secured area; and when the access credentials arevalid, the doorbell device receives the indication of the two-factorauthentication of the mobile device from the mobile device, and thestate of the access control device is locked, transmitting a disarmcommand from the doorbell device to the control panel.
 3. The method ofclaim 1 further comprising: receiving a communication request at thedoorbell device from the mobile device; responsive to receiving thecommunication request, transmitting an acknowledgment signal from thedoorbell device to the mobile device; and responsive to theacknowledgment signal, receiving the access credentials at the doorbelldevice.
 4. The method of claim 1 wherein the indication of thetwo-factor authentication of the mobile device confirms to the doorbelldevice that the mobile device is proximate to the two-factorauthentication device.
 5. The method of claim 1 wherein the indicationof the two-factor authentication of the mobile device confirms to thedoorbell device that the two-factor authentication device is both pairedwith the mobile device and connected with the mobile device.
 6. Themethod of claim 1 wherein the indication of the two-factorauthentication of the mobile device confirms to the doorbell device thatfirst GPS coordinates of the mobile device are within a predeterminedrange of second GPS coordinates of the two-factor authentication device.7. The method of claim 1 further comprising: receiving both the accesscredentials and the indication of the two-factor authentication of themobile device at the doorbell device in a request to change a state ofthe access control device.
 8. The method of claim 7 further comprising:determining whether one or more dedicated bits of the request includethe indication of the two-factor authentication of the mobile device.9-11. (canceled)
 12. A doorbell device comprising: a transceiver device;and a programmable processor, wherein the transceiver device receivesaccess credentials from a first device, wherein the programmableprocessor determines whether the access credentials are valid, whereinthe programmable processor determines whether the transceiver device hasreceived an indication of a two-factor authentication of the firstdevice from the first device, wherein the indication of the two-factorauthentication of the first device confirms to the programmableprocessor that the first device has communicated with a second device toexecute the two-factor authentication of the first device without thetransceiver device communicating directly with the second device, andwherein, when the access credentials are valid and the transceiverdevice has received the indication of the two-factor authentication ofthe first device from the first device, the transceiver device transmitsa state change command to an access control device that controls accessto a secured area associated with the doorbell device.
 13. The doorbelldevice of claim 12 wherein the transceiver device receives acommunication request from the first device, transmits anacknowledgement signal to the first device responsive to receiving thecommunication request, and receives the access credentials responsive tothe acknowledgement signal.
 14. (canceled)
 15. The doorbell device ofclaim 12 wherein the transceiver device receives both the accesscredentials and the indication of the two-factor authentication of thefirst device in a request to change a state of the access controldevice.
 16. The doorbell device of claim 15 wherein the programmableprocessor determines whether one or more dedicated bits of the requestinclude the indication of the two-factor authentication of the firstdevice.
 17. The doorbell device of claim 12 wherein the indication ofthe two-factor authentication of the first device confirms to theprogrammable processor that the first device is proximate to the seconddevice. 18-19. (canceled)
 20. The doorbell device of claim 12 whereinthe programmable processor determines a state of the access controldevice, wherein, when the access credentials are valid, the transceiverdevice receives the indication of the two-factor authentication of thefirst device from the first device, and the state of the access controldevice is unlocked, the transceiver device transmits an arm command to acontrol panel that monitors the secured area, and wherein, when theaccess credentials are valid, the transceiver device receives theindication of the two-factor authentication of the first device from thefirst device, and the state of the access control device is locked, thetransceiver device transmits a disarm command to the control panel. 21.A method comprising: receiving access credentials at a doorbell devicefrom a mobile device; determining whether the access credentials arevalid at the doorbell device; determining whether the doorbell devicereceives an indication of a two-factor authentication of the mobiledevice from the mobile device, wherein the indication of the two-factorauthentication of the mobile device confirms to the doorbell device thatthe mobile device has confirmed that the mobile device is proximate to atwo-factor authentication device without the doorbell devicecommunicating directly with the two-factor authentication device; andwhen the access credentials are valid and the doorbell device receivesthe indication of the two-factor authentication of the mobile device,transmitting a state change command from the doorbell device to anaccess control device that controls access to a secured area associatedwith the doorbell device.
 22. The method of claim 21 wherein theindication of the two-factor authentication of the mobile deviceconfirms to the doorbell device that the mobile device has communicatedwith the two-factor authentication device to confirm that the mobiledevice is proximate to the two-factor authentication device.
 23. Themethod of claim 21 wherein the indication of the two-factorauthentication of the mobile device confirms to the doorbell device thatthe mobile device has confirmed that the two-factor authenticationdevice is both paired with the mobile device and connected with themobile device.
 24. The method of claim 21 wherein the indication of thetwo-factor authentication of the mobile device confirms to the doorbelldevice that the mobile device has communicated with the two-factorauthentication device to confirm that first GPS coordinates of themobile device are within a predetermined range of second GPS coordinatesof the two-factor authentication device.
 25. The doorbell device ofclaim 12 wherein the indication of the two-factor authentication of thefirst device confirms to the programmable processor that the seconddevice is both paired with the first device and connected with the firstdevice.
 26. The doorbell device of claim 12 wherein the indication ofthe two-factor authentication of the first device confirms to theprogrammable processor that first GPS coordinates of the first deviceare within a predetermined range of second GPS coordinates of the seconddevice.